| Server IP : 103.119.228.120 / Your IP : 3.147.104.18 Web Server : Apache System : Linux v8.techscape8.com 3.10.0-1160.119.1.el7.tuxcare.els2.x86_64 #1 SMP Mon Jul 15 12:09:18 UTC 2024 x86_64 User : nobody ( 99) PHP Version : 5.6.40 Disable Function : shell_exec,symlink,system,exec,proc_get_status,proc_nice,proc_terminate,define_syslog_variables,syslog,openlog,closelog,escapeshellcmd,passthru,ocinum cols,ini_alter,leak,listen,chgrp,apache_note,apache_setenv,debugger_on,debugger_off,ftp_exec,dl,dll,myshellexec,proc_open,socket_bind,proc_close,escapeshellarg,parse_ini_filepopen,fpassthru,exec,passthru,escapeshellarg,escapeshellcmd,proc_close,proc_open,ini_alter,popen,show_source,proc_nice,proc_terminate,proc_get_status,proc_close,pfsockopen,leak,apache_child_terminate,posix_kill,posix_mkfifo,posix_setpgid,posix_setsid,posix_setuid,dl,symlink,shell_exec,system,dl,passthru,escapeshellarg,escapeshellcmd,myshellexec,c99_buff_prepare,c99_sess_put,fpassthru,getdisfunc,fx29exec,fx29exec2,is_windows,disp_freespace,fx29sh_getupdate,fx29_buff_prepare,fx29_sess_put,fx29shexit,fx29fsearch,fx29ftpbrutecheck,fx29sh_tools,fx29sh_about,milw0rm,imagez,sh_name,myshellexec,checkproxyhost,dosyayicek,c99_buff_prepare,c99_sess_put,c99getsource,c99sh_getupdate,c99fsearch,c99shexit,view_perms,posix_getpwuid,posix_getgrgid,posix_kill,parse_perms,parsesort,view_perms_color,set_encoder_input,ls_setcheckboxall,ls_reverse_all,rsg_read,rsg_glob,selfURL,dispsecinfo,unix2DosTime,addFile,system,get_users,view_size,DirFiles,DirFilesWide,DirPrintHTMLHeaders,GetFilesTotal,GetTitles,GetTimeTotal,GetMatchesCount,GetFileMatchesCount,GetResultFiles,fs_copy_dir,fs_copy_obj,fs_move_dir,fs_move_obj,fs_rmdir,SearchText,getmicrotime MySQL : ON | cURL : ON | WGET : ON | Perl : ON | Python : ON | Sudo : ON | Pkexec : ON Directory : /lib64/python2.7/site-packages/sepolicy/templates/ |
Upload File : |
# Copyright (C) 2007-2012 Red Hat
# see file 'COPYING' for use and warranty information
#
# policygentool is a tool for the initial generation of SELinux policy
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License as
# published by the Free Software Foundation; either version 2 of
# the License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA
# 02111-1307 USA
#
#
########################### Type Enforcement File #############################
te_login_user_types="""\
policy_module(TEMPLATETYPE, 1.0.0)
########################################
#
# Declarations
#
userdom_unpriv_user_template(TEMPLATETYPE)
"""
te_admin_user_types="""\
policy_module(TEMPLATETYPE, 1.0.0)
########################################
#
# Declarations
#
userdom_admin_user_template(TEMPLATETYPE)
"""
te_min_login_user_types="""\
policy_module(TEMPLATETYPE, 1.0.0)
########################################
#
# Declarations
#
userdom_restricted_user_template(TEMPLATETYPE)
"""
te_x_login_user_types="""\
policy_module(TEMPLATETYPE, 1.0.0)
########################################
#
# Declarations
#
userdom_restricted_xwindows_user_template(TEMPLATETYPE)
"""
te_existing_user_types="""\
policy_module(TEMPLATETYPE, 1.0.0)
"""
te_root_user_types="""\
policy_module(TEMPLATETYPE, 1.0.0)
## <desc>
## <p>
## Allow TEMPLATETYPE to read files in the user home directory
## </p>
## </desc>
gen_tunable(TEMPLATETYPE_read_user_files, false)
## <desc>
## <p>
## Allow TEMPLATETYPE to manage files in the user home directory
## </p>
## </desc>
gen_tunable(TEMPLATETYPE_manage_user_files, false)
########################################
#
# Declarations
#
userdom_base_user_template(TEMPLATETYPE)
"""
te_login_user_rules="""\
"""
te_existing_user_rules="""\
########################################
#
# TEMPLATETYPE customized policy
#
"""
te_x_login_user_rules="""\
"""
te_root_user_rules="""\
"""
te_transition_rules="""
optional_policy(`
APPLICATION_role(TEMPLATETYPE_r, TEMPLATETYPE_t)
')
"""
te_user_trans_rules="""
optional_policy(`
gen_require(`
role USER_r;
')
TEMPLATETYPE_role_change(USER_r)
')
"""
te_admin_rules="""
allow TEMPLATETYPE_t self:capability { dac_override dac_read_search kill sys_ptrace sys_nice };
files_dontaudit_search_all_dirs(TEMPLATETYPE_t)
selinux_get_enforce_mode(TEMPLATETYPE_t)
seutil_domtrans_setfiles(TEMPLATETYPE_t)
seutil_search_default_contexts(TEMPLATETYPE_t)
logging_send_syslog_msg(TEMPLATETYPE_t)
kernel_read_system_state(TEMPLATETYPE_t)
domain_dontaudit_search_all_domains_state(TEMPLATETYPE_t)
domain_dontaudit_ptrace_all_domains(TEMPLATETYPE_t)
userdom_dontaudit_search_admin_dir(TEMPLATETYPE_t)
userdom_dontaudit_search_user_home_dirs(TEMPLATETYPE_t)
tunable_policy(`TEMPLATETYPE_read_user_files',`
userdom_read_user_home_content_files(TEMPLATETYPE_t)
userdom_read_user_tmp_files(TEMPLATETYPE_t)
')
tunable_policy(`TEMPLATETYPE_manage_user_files',`
userdom_manage_user_home_content_dirs(TEMPLATETYPE_t)
userdom_manage_user_home_content_files(TEMPLATETYPE_t)
userdom_manage_user_home_content_symlinks(TEMPLATETYPE_t)
userdom_manage_user_tmp_files(TEMPLATETYPE_t)
')
"""
te_admin_trans_rules="""
gen_require(`
role USER_r;
')
allow USER_r TEMPLATETYPE_r;
"""
te_admin_domain_rules="""
optional_policy(`
APPLICATION_admin(TEMPLATETYPE_t, TEMPLATETYPE_r)
')
"""
te_roles_rules="""
optional_policy(`
gen_require(`
role ROLE_r;
')
allow TEMPLATETYPE_r ROLE_r;
')
"""
te_sudo_rules="""
optional_policy(`
sudo_role_template(TEMPLATETYPE, TEMPLATETYPE_r, TEMPLATETYPE_t)
')
"""
te_newrole_rules="""
seutil_run_newrole(TEMPLATETYPE_t, TEMPLATETYPE_r)
"""